There's no CSRF defense in echosim.io. If you are logged in, someone else can trick you into uploading their voice commands to your Alexa. This page demos that in a not-very-malicious way.
why?
echosim.io really just needs to slap a same-site flag on their session cookie...
What scares me is that smart home assistants do not have any concept of tokens for use in chained interactions.
What I mean by that is... if I ask Alexa to 'order 54 rolls of toilet tissue', her response asks me to confirm with a verbal 'yes' to place the order.
All this site does is send the .wav of me asking for the rolls, and then send the .wav of my 'yes' shortly after.
What should happen is that the initial response should also contain a token to echosim.io that they need to send back along with my 'yes' recording.
This would prevent 3rd-party apps for Alexa from being as potentially harmful to users when they suffer from CSRF issues.
Session management on smart home assistants scares the s**t out of me.
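The chained-confirmation token proposed in the comment above, together with the same-site session cookie from the earlier comment, sketched as a small server-side layer. This is an added example, not echosim.io's or Amazon's code; the session ids, the in-memory pending store and the `propose`/`confirm` function names are assumptions.

```python
import hmac
import secrets
import time

# Constructed store of pending commands (not echosim.io's own code).
# Each pending command is bound to the session that issued it, to a
# single-use random token, and to an expiry time.
_PENDING = {}  # token -> (session_id, command, expires_at)
TOKEN_TTL_SECONDS = 30


def propose(session_id, command, now=None):
    """Handle the first utterance ('order 54 rolls...'). Record it as pending
    and return the confirmation token the client must echo back with the 'yes'."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    _PENDING[token] = (session_id, command, now + TOKEN_TTL_SECONDS)
    return token


def confirm(session_id, token, now=None):
    """Handle the 'yes'. Execute only if the token exists, belongs to the same
    session, is unexpired and has not been used before. Returns the command
    to execute, or None if the confirmation is rejected."""
    now = time.time() if now is None else now
    # Single use: the token is consumed whether or not the checks pass, so a
    # bare 'yes' replayed later (or from another session) never lands.
    entry = _PENDING.pop(token, None)
    if entry is None:
        return None
    bound_session, command, expires_at = entry
    if not hmac.compare_digest(bound_session, session_id):
        return None
    if now > expires_at:
        return None
    return command


def session_cookie_header(session_value):
    """Set-Cookie header with the same-site flag the earlier comment asks for:
    a cross-site form post will not carry the session cookie, so a forged
    upload arrives unauthenticated. Secure and HttpOnly are added as well."""
    return f"Set-Cookie: session={session_value}; Secure; HttpOnly; SameSite=Strict"
```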